<?
//this page is invisible, it just creates the login session according to blink.login and directs to the right direction
include_once 'config.php';

//validate the username
$blink = new Blink;
$ret = $blink->Validate($_REQUEST['user'],$_REQUEST['pass'],$_REQUEST['dob']);

//if its not working, return to registeration
if(is_array($res))
    header("Location: register.php?error=".$ret['error']);
    
//he's good to go, let's store some info   
//now encrypt the pass
$password = md5($_REQUEST['pass']);
//author the user token, typically 64 letter & number, MD5 useing first name & time as salt
$token = md5(time()).md5($_REQUEST['firstname']);
$form = new form();
$form->table = "users";
$form->operation = "add";
//what should form input, needs sanitization
$form->handle = array("table"=>"users",
                      "firstname"=>$_REQUEST['firstname'],
                      "lastname"=>$_REQUEST["lastname"],
                      "dob"=>$_REQUEST['dob'],
                      "acctno"=>$_REQUEST['acctno'],
                      "user"=>$_REQUEST['user'],
                      "pass"=>$password,
                      "token"=>$token,
                      "active"=>0
                      );
$form->UpdateForm();
$res = dbQuery("select LAST_INSERT_ID() as uid from users") or die(dbError());
$row = dbFetchArray($res);
$id = $row['uid'];
header("Location: thankyou.php?u=".$row['uid']);
?>